Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tidb: add explanation for the fields in mysql.user #18318

Merged
merged 15 commits into from
Jul 29, 2024
Merged

tidb: add explanation for the fields in mysql.user #18318

Changes from 1 commit
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
6349d19
tidb: add explanation for the fields in `mysql.user`
CbcWestwolf Jul 22, 2024
dbe3a43
Update mysql-schema.md
CbcWestwolf Jul 22, 2024
edd1b27
create `mysql-schema` dir
CbcWestwolf Jul 22, 2024
f0816ef
put a reminder
CbcWestwolf Jul 22, 2024
696168a
describe mysql compatibility
CbcWestwolf Jul 22, 2024
334e085
fix
CbcWestwolf Jul 22, 2024
2bc487f
Update mysql-schema/mysql-schema.md
CbcWestwolf Jul 22, 2024
d573b8b
Apply suggestions from code review
CbcWestwolf Jul 22, 2024
3b9eee5
fix link error for tidb-cloud doc
CbcWestwolf Jul 22, 2024
d776a3a
Apply suggestions from code review
CbcWestwolf Jul 24, 2024
ee00df1
Merge branch 'master' into mysql-user
Oreoxmt Jul 25, 2024
c43717f
fix links for mysql.user
Oreoxmt Jul 25, 2024
f2f8284
fix links for mysql schema
Oreoxmt Jul 25, 2024
3857870
fix format
Oreoxmt Jul 25, 2024
029116c
Update wording
lilin90 Jul 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
74 changes: 74 additions & 0 deletions mysql-schema.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,80 @@ These system tables contain grant information about user accounts and their priv
- `global_priv`: the authentication information based on certificates
- `role_edges`: the relationship between roles

### `mysql.user`

`mysql.user` is a frequently used system table. You can display the columns of `mysql.user` by:

```sql
desc mysql.user;
CbcWestwolf marked this conversation as resolved.
Show resolved Hide resolved
```

```
+------------------------+----------------------+------+-----+-------------------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------------------+----------------------+------+-----+-------------------+-------+
| Host | char(255) | NO | PRI | <null> | |
| User | char(32) | NO | PRI | <null> | |
| authentication_string | text | YES | | <null> | |
| plugin | char(64) | YES | | <null> | |
| Select_priv | enum('N','Y') | NO | | N | |
| Insert_priv | enum('N','Y') | NO | | N | |
| Update_priv | enum('N','Y') | NO | | N | |
| Delete_priv | enum('N','Y') | NO | | N | |
| Create_priv | enum('N','Y') | NO | | N | |
| Drop_priv | enum('N','Y') | NO | | N | |
| Process_priv | enum('N','Y') | NO | | N | |
| Grant_priv | enum('N','Y') | NO | | N | |
| References_priv | enum('N','Y') | NO | | N | |
| Alter_priv | enum('N','Y') | NO | | N | |
| Show_db_priv | enum('N','Y') | NO | | N | |
| Super_priv | enum('N','Y') | NO | | N | |
| Create_tmp_table_priv | enum('N','Y') | NO | | N | |
| Lock_tables_priv | enum('N','Y') | NO | | N | |
| Execute_priv | enum('N','Y') | NO | | N | |
| Create_view_priv | enum('N','Y') | NO | | N | |
| Show_view_priv | enum('N','Y') | NO | | N | |
| Create_routine_priv | enum('N','Y') | NO | | N | |
| Alter_routine_priv | enum('N','Y') | NO | | N | |
| Index_priv | enum('N','Y') | NO | | N | |
| Create_user_priv | enum('N','Y') | NO | | N | |
| Event_priv | enum('N','Y') | NO | | N | |
| Repl_slave_priv | enum('N','Y') | NO | | N | |
| Repl_client_priv | enum('N','Y') | NO | | N | |
| Trigger_priv | enum('N','Y') | NO | | N | |
| Create_role_priv | enum('N','Y') | NO | | N | |
| Drop_role_priv | enum('N','Y') | NO | | N | |
| Account_locked | enum('N','Y') | NO | | N | |
| Shutdown_priv | enum('N','Y') | NO | | N | |
| Reload_priv | enum('N','Y') | NO | | N | |
| FILE_priv | enum('N','Y') | NO | | N | |
| Config_priv | enum('N','Y') | NO | | N | |
| Create_Tablespace_Priv | enum('N','Y') | NO | | N | |
| Password_reuse_history | smallint(5) unsigned | YES | | <null> | |
| Password_reuse_time | smallint(5) unsigned | YES | | <null> | |
| User_attributes | json | YES | | <null> | |
| Token_issuer | varchar(255) | YES | | <null> | |
| Password_expired | enum('N','Y') | NO | | N | |
| Password_last_changed | timestamp | YES | | CURRENT_TIMESTAMP | |
| Password_lifetime | smallint(5) unsigned | YES | | <null> | |
+------------------------+----------------------+------+-----+-------------------+-------+
44 rows in set
```

There are several types of columns in `mysql.user`:

* Scope:
* `Host` and `User` are used to specify a TiDB account
* Privilege:
* From `Select_priv` to `Drop_role_priv`, and from `Shutdown_priv` to `Create_Tablespace_Priv`: see [privileges required for TiDB operations](/privilege-management.md#privileges-required-for-tidb-operations)
* Security
* `authentication_string` and `plugin`: `authentication_string` records credentials for the accounts. Credentials are interpreted using the authentication plugin named in the `plugin` column.
* `Account_locked` records the account locking state.
* `Password_reuse_history` and `Password_reuse_time` are used for [password reuse policy](/password-management.md#password-reuse-policy)
* `User_attributes` provides information about user comments and user attributes
* `Token_issuer` is used for [`tidb_auth_token`](/security-compatibility-with-mysql.md#tidb_auth_token)
* `Password_expired`, `Password_last_changed` and `Password_lifetime` are used for [password expiration policy](/password-management.md#password-expiration-policy)

## Cluster status system tables

* The `tidb` table contains some global information about TiDB:
Expand Down
Loading